From aff45d69a73033241531f5e3542a8d1782ddd859 Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc@redhat.com>
Date: Fri, 30 Mar 2012 12:17:48 +0100
Subject: [PATCH] Make import_nova_auth only create roles which don't already
exist
Fixes bug #969088
If a role already exists, there's no particular need for import_nova_auth
to barf. Instead, we should just use the existing role.
Change-Id: I18ae38af62b4c2b2423e20e436611fc30f844ae1
---
keystone/common/sql/nova.py | 5 ++++-
tests/test_migrate_nova_auth.py | 9 +++++++++
2 files changed, 13 insertions(+), 1 deletions(-)
diff --git a/keystone/common/sql/nova.py b/keystone/common/sql/nova.py
index 2f05fe8..01b14d9 100644
--- a/keystone/common/sql/nova.py
+++ b/keystone/common/sql/nova.py
@@ -85,8 +85,11 @@ def _create_memberships(api, memberships, user_map, tenant_map):
def _create_roles(api, roles):
- role_map = {}
+ role_map = dict((r['name'], r['id']) for r in api.list_roles())
for role in roles:
+ if role in role_map:
+ LOG.debug('Ignoring existing role %s' % role)
+ continue
role_dict = {
'id': _generate_uuid(),
'name': role,
diff --git a/tests/test_migrate_nova_auth.py b/tests/test_migrate_nova_auth.py
index 1be59b1..76b4a60 100644
--- a/tests/test_migrate_nova_auth.py
+++ b/tests/test_migrate_nova_auth.py
@@ -14,6 +14,8 @@
# License for the specific language governing permissions and limitations
# under the License.
+import uuid
+
from keystone.common.sql import nova
from keystone.common.sql import util as sql_util
from keystone import config
@@ -73,7 +75,14 @@ class MigrateNovaAuth(test.TestCase):
self.identity_api = identity_sql.Identity()
self.ec2_api = ec2_sql.Ec2()
+ def _create_role(self, role_name):
+ role_id = uuid.uuid4().hex
+ role_dict = {'id': role_id, 'name': role_name}
+ self.identity_api.create_role(role_id, role_dict)
+
def test_import(self):
+ self._create_role('role1')
+
nova.import_auth(FIXTURE)
users = {}